From b5008a9dc83b1694a8afe2bcecf718f8d131d46d Mon Sep 17 00:00:00 2001 From: marco370 <48531002-marco370@users.noreply.replit.com> Date: Thu, 16 Oct 2025 16:50:17 +0000 Subject: [PATCH] Fix login redirect and server error handling for admin users Introduces a GET route for /api/login to redirect to /api/auto-login-admin, and enhances error handling and logging within the local authentication module, particularly for admin user retrieval. Replit-Commit-Author: Agent Replit-Commit-Session-Id: 42d8028a-fa71-4ec2-938c-e43eedf7df01 Replit-Commit-Checkpoint-Type: full_checkpoint Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/6d543d2c-20b9-4ea6-93fe-70fe9b1d9f80/42d8028a-fa71-4ec2-938c-e43eedf7df01/EAVbbe1 --- .replit | 4 - ...100-19-19--1760633252233_1760633252233.txt | 140 ++++++++++++++++++ server/localAuth.ts | 28 +++- 3 files changed, 163 insertions(+), 9 deletions(-) create mode 100644 attached_assets/Pasted-git-pull-origin-main-remote-Enumerating-objects-19-done-remote-Counting-objects-100-19-19--1760633252233_1760633252233.txt diff --git a/.replit b/.replit index d8529f5..048618b 100644 --- a/.replit +++ b/.replit @@ -19,10 +19,6 @@ externalPort = 80 localPort = 33035 externalPort = 3001 -[[ports]] -localPort = 36465 -externalPort = 3003 - [[ports]] localPort = 41343 externalPort = 3000 diff --git a/attached_assets/Pasted-git-pull-origin-main-remote-Enumerating-objects-19-done-remote-Counting-objects-100-19-19--1760633252233_1760633252233.txt b/attached_assets/Pasted-git-pull-origin-main-remote-Enumerating-objects-19-done-remote-Counting-objects-100-19-19--1760633252233_1760633252233.txt new file mode 100644 index 0000000..27a861a --- /dev/null +++ b/attached_assets/Pasted-git-pull-origin-main-remote-Enumerating-objects-19-done-remote-Counting-objects-100-19-19--1760633252233_1760633252233.txt 
@@ -0,0 +1,140 @@ +git pull origin main +remote: Enumerating objects: 19, done. +remote: Counting objects: 100% (19/19), done. +remote: Compressing objects: 100% (14/14), done. +remote: Total 14 (delta 11), reused 0 (delta 0), pack-reused 0 (from 0) +Unpacking objects: 100% (14/14), 7.51 KiB | 640.00 KiB/s, done. +From https://git.alfacom.it/marco/VigilanzaTurni + * branch main -> FETCH_HEAD + 8b07e96..51a2eec main -> origin/main +Updating 8b07e96..51a2eec +Fast-forward + .replit | 4 + + ...ct-16-11-58-04-EDT-2025-Pull-ultime-mod-1760632114854_1760632114855.txt | 185 ++++++++++++++++++++++++++++++++++ + ...ct-16-11-58-04-EDT-2025-Pull-ultime-mod-1760632132808_1760632132808.txt | 185 ++++++++++++++++++++++++++++++++++ + ...ni-git-pull-origin-main-From-https-git--1760632410513_1760632410513.txt | 169 +++++++++++++++++++++++++++++++ + server/localAuth.ts | 159 +++++++++++++++++++++++++++++ + server/routes.ts | 38 +++++-- + 6 files changed, 732 insertions(+), 8 deletions(-) + create mode 100644 attached_assets/Pasted-bash-deploy-deploy-sh-Deployment-VigilanzaTurni-Thu-Oct-16-11-58-04-EDT-2025-Pull-ultime-mod-1760632114854_1760632114855.txt + create mode 100644 attached_assets/Pasted-bash-deploy-deploy-sh-Deployment-VigilanzaTurni-Thu-Oct-16-11-58-04-EDT-2025-Pull-ultime-mod-1760632132808_1760632132808.txt + create mode 100644 attached_assets/Pasted-cd-var-www-vigilanza-turni-root-localhost-vigilanza-turni-git-pull-origin-main-From-https-git--1760632410513_1760632410513.txt + create mode 100644 server/localAuth.ts +[root@localhost vigilanza-turni]# npm ci --include=dev +npm warn deprecated @esbuild-kit/esm-loader@2.6.5: Merged into tsx: https://tsx.is +npm warn deprecated @esbuild-kit/core-utils@3.3.2: Merged into tsx: https://tsx.is + +added 496 packages, and audited 497 packages in 13s + +67 packages are looking for funding + run `npm fund` for details + +8 vulnerabilities (3 low, 5 moderate) + +To address issues that do not require attention, run: + npm audit fix + 
+To address all issues (including breaking changes), run: + npm audit fix --force + +Run `npm audit` for details. +[root@localhost vigilanza-turni]# npm run build + +> rest-express@1.0.0 build +> vite build && esbuild server/index.ts --platform=node --packages=external --bundle --format=esm --outdir=dist + +vite v5.4.20 building for production... +transforming (3) src/main.tsxBrowserslist: browsers data (caniuse-lite) is 12 months old. Please run: + npx update-browserslist-db@latest + Why you should do it regularly: https://github.com/browserslist/update-db#readme +transforming (4) src/App.tsx +A PostCSS plugin did not pass the `from` option to `postcss.parse`. This may cause imported assets to be incorrectly +transformed. If you've recently added a PostCSS plugin that raised this warning, please contact the package author to fix the issue. +✓ 2673 modules transformed. +../dist/public/index.html 1.49 kB │ gzip: 0.63 kB +../dist/public/assets/index-DdJrKUWT.css 75.43 kB │ gzip: 12.17 kB +../dist/public/assets/index-C9iY8fDP.js 590.69 kB │ gzip: 173.23 kB + +(!) Some chunks are larger than 500 kB after minification. Consider: +- Using dynamic import() to code-split the application +- Use build.rollupOptions.output.manualChunks to improve chunking: https://rollupjs.org/configuration-options/#output-manualchunks +- Adjust chunk size limit for this warning via build.chunkSizeWarningLimit. 
+✓ built in 8.84s + + dist/index.js 61.2kb + +⚡ Done in 15ms +[root@localhost vigilanza-turni]# pm2 restart vigilanza-turni +Use --update-env to update environment variables +[PM2] Applying action restartProcessId on app [vigilanza-turni](ids: [ 0 ]) +[PM2] [vigilanza-turni](0) ✓ +┌────┬────────────────────┬──────────┬──────┬───────────┬──────────┬──────────┐ +│ id │ name │ mode │ ↺ │ status │ cpu │ memory │ +├────┼────────────────────┼──────────┼──────┼───────────┼──────────┼──────────┤ +│ 0 │ vigilanza-turni │ fork │ 3 │ online │ 0% │ 9.8mb │ +└────┴────────────────────┴──────────┴──────┴───────────┴──────────┴──────────┘ +[root@localhost vigilanza-turni]# pm2 logs vigilanza-turni --lines 30 --nostream +[TAILING] Tailing last 30 lines for [vigilanza-turni] process (change the value with --lines option) +/root/.pm2/logs/vigilanza-turni-error.log last 30 lines: +0|vigilanz | at TLSSocket.onConnectSecure (node:_tls_wrap:1687:27) +0|vigilanz | at TLSSocket.emit (node:events:524:28) +0|vigilanz | at TLSSocket._finishInit (node:_tls_wrap:1076:8) +0|vigilanz | at ssl.onhandshakedone (node:_tls_wrap:862:12) { +0|vigilanz | code: 'ERR_TLS_CERT_ALTNAME_INVALID', +0|vigilanz | reason: "Host: localhost. 
is not in the cert's altnames: DNS:vt.alfacom.it", +0|vigilanz | host: 'localhost', +0|vigilanz | cert: { +0|vigilanz | subject: [Object: null prototype], +0|vigilanz | issuer: [Object: null prototype], +0|vigilanz | subjectaltname: 'DNS:vt.alfacom.it', +0|vigilanz | infoAccess: [Object: null prototype], +0|vigilanz | ca: false, +0|vigilanz | bits: 256, +0|vigilanz | pubkey: , +0|vigilanz | asn1Curve: 'prime256v1', +0|vigilanz | nistCurve: 'P-256', +0|vigilanz | valid_from: 'Oct 16 07:57:48 2025 GMT', +0|vigilanz | valid_to: 'Jan 14 07:57:47 2026 GMT', +0|vigilanz | fingerprint: 'D0:77:49:94:D8:06:A7:C5:EC:21:74:C6:B3:F5:42:48:96:77:46:28', +0|vigilanz | fingerprint256: '8B:D9:F6:31:F4:0A:65:53:B7:69:ED:4C:8C:B9:D5:92:91:81:56:B2:33:B5:0E:F1:8A:E3:FC:BA:EB:12:87:D0', +0|vigilanz | fingerprint512: '9A:1A:04:0D:E2:CE:78:E3:52:9F:6E:1C:25:95:95:FF:C9:7C:62:C6:D6:98:CA:E8:59:5C:01:0A:5F:A5:C2:43:50:77:10:2E:07:CB:7B:F3:C9:DE:39:37:A5:54:86:FD:C7:0F:02:DF:F6:E7:C8:BB:BA:BE:FB:79:AE:77:76:59', +0|vigilanz | ext_key_usage: [Array], +0|vigilanz | serialNumber: '068FB11FEDA957005036401D5EBC8CB8BD43', +0|vigilanz | raw: , +0|vigilanz | issuerCertificate: [Object] +0|vigilanz | } +0|vigilanz | }, +0|vigilanz | [Symbol(kMessage)]: "Hostname/IP does not match certificate's altnames: Host: localhost. 
is not in the cert's altnames: DNS:vt.alfacom.it" +0|vigilanz | } + +/root/.pm2/logs/vigilanza-turni-out.log last 30 lines: +0|vigilanz | > NODE_ENV=production node dist/index.js +0|vigilanz | +0|vigilanz | 12:31:17 PM [express] serving on port 5000 +0|vigilanz | +0|vigilanz | > rest-express@1.0.0 start +0|vigilanz | > NODE_ENV=production node dist/index.js +0|vigilanz | +0|vigilanz | 12:35:39 PM [express] serving on port 5000 +0|vigilanz | +0|vigilanz | > rest-express@1.0.0 start +0|vigilanz | > NODE_ENV=production node dist/index.js +0|vigilanz | +0|vigilanz | 12:37:02 PM [express] serving on port 5000 +0|vigilanz | 12:37:32 PM [express] GET /api/auth/user 401 in 7ms :: {"message":"Unauthorized"} +0|vigilanz | 12:37:33 PM [express] GET /api/login 302 in 59ms +0|vigilanz | 12:37:38 PM [express] GET /api/login 302 in 11ms +0|vigilanz | 12:37:43 PM [express] GET /api/auth/user 401 in 7ms :: {"message":"Unauthorized"} +0|vigilanz | 12:37:45 PM [express] GET /api/login 302 in 9ms +0|vigilanz | 12:38:13 PM [express] GET /api/login 302 in 35ms +0|vigilanz | 12:38:48 PM [express] GET /api/login 302 in 31ms +0|vigilanz | +0|vigilanz | > rest-express@1.0.0 start +0|vigilanz | > NODE_ENV=production node dist/index.js +0|vigilanz | +0|vigilanz |  Usando Local Auth (vt.alfacom.it) +0|vigilanz | ✅ [LocalAuth] Sistema autenticazione locale attivato +0|vigilanz |  Email admin: admin@vt.alfacom.it +0|vigilanz |  Password admin: admin123 +0|vigilanz |  Auto-login: GET /api/auto-login-admin +0|vigilanz | 12:46:18 PM [express] serving on port 5000 diff --git a/server/localAuth.ts b/server/localAuth.ts index 105416e..3ad6477 100644 --- a/server/localAuth.ts +++ b/server/localAuth.ts 
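Review bot: The transcript added under attached_assets/ includes the server's startup banner with its `Email admin:` and `Password admin:` lines, so a working admin credential is now in repository history, printed by a process started with `NODE_ENV=production`. The same file also records the internal Git remote URL, root shell paths and the certificate dump from the `ERR_TLS_CERT_ALTNAME_INVALID` error. Drop the file from the commit, add an ignore rule such as `attached_assets/Pasted-*`, and rotate the admin password, since it should be treated as disclosed. The code that prints the password at startup is not part of this patch and should stop logging it.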
@@ -104,7 +104,13 @@ export async function setupLocalAuth(app: Express) { } }); - // Route login locale + // Route login GET (redirect auto-login per compatibilità) + app.get("/api/login", (req, res) => { + // Redirect a auto-login admin per demo + res.redirect("/api/auto-login-admin"); + }); + + // Route login locale POST app.post("/api/local-login", passport.authenticate("local"), (req, res) => { res.json({ success: true, @@ -120,21 +126,33 @@ export async function setupLocalAuth(app: Express) { } try { + console.log("🔍 [LocalAuth] Recupero lista utenti..."); const users = await storage.getAllUsers(); + console.log(`✅ [LocalAuth] Trovati ${users.length} utenti`); + const admin = users.find((u: any) => u.email === DEFAULT_ADMIN_EMAIL); if (admin) { + console.log(`✅ [LocalAuth] Admin trovato: ${admin.email}`); req.login({ id: admin.id, email: admin.email }, (err) => { if (err) { - return res.status(500).json({ error: "Errore auto-login" }); + console.error("❌ [LocalAuth] Errore req.login:", err); + return res.status(500).json({ error: "Errore auto-login", details: err.message }); } + console.log("✅ [LocalAuth] Login effettuato, redirect a /"); res.redirect("/"); }); } else { - res.status(404).json({ error: "Admin non trovato" }); + console.error(`❌ [LocalAuth] Admin non trovato (cercato: ${DEFAULT_ADMIN_EMAIL})`); + res.status(404).json({ error: "Admin non trovato", users: users.map((u: any) => u.email) }); } - } catch (error) { - res.status(500).json({ error: "Errore server" }); + } catch (error: any) { + console.error("❌ [LocalAuth] Errore in auto-login-admin:", error); + res.status(500).json({ + error: "Errore server", + message: error.message, + stack: process.env.NODE_ENV === 'development' ? error.stack : undefined + }); } });
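Review bot: The new `app.get("/api/login", …)` handler redirects every caller to `/api/auto-login-admin` unconditionally, so an unauthenticated GET ends in an admin session whenever that route is enabled. The enabling check of the auto-login handler lies outside this hunk, but the transcript added by this commit shows the `Auto-login: GET /api/auto-login-admin` banner from a process started with `NODE_ENV=production`, which suggests the route is live there. Gate the redirect on an explicit demo switch and otherwise send the user to the real sign-in page, e.g. `if (!DEMO_AUTO_LOGIN_ENABLED) return res.redirect("/");`, where `DEMO_AUTO_LOGIN_ENABLED` is a placeholder for whatever flag the project uses. Establishing a session from a plain GET also exposes it to cross-site requests, so the session-creating step is better kept behind the existing POST login.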
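Review bot: In the second hunk the new 404 branch returns `users: users.map((u: any) => u.email)`, which gives every account e-mail address to whoever calls this pre-login route. The two 500 responses also send `err.message` and `error.message` to the client; only `stack` is limited to development. The added `console.error` calls already keep the detail on the server, so the responses can stay generic: `res.status(404).json({ error: "Admin non trovato" });` and `res.status(500).json({ error: "Errore server" });`. `catch (error: any)` would be safer as `catch (error: unknown)` with an `instanceof Error` check before reading `.message`. The handler starts above this hunk, so its enabling condition is not visible here.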